Vulnerabilities

With the aim of informing, warning and helping professionals about the latest security vulnerabilities in technology systems, we have made a database available to interested users. It is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 records, is based on the information from the NVD (National Vulnerability Database); under a partnership agreement, INCIBE translates the included information into Spanish.

On occasion this list will show vulnerabilities that have not yet been translated, as entries are added while the INCIBE team is still carrying out the translation process. The CVE (Common Vulnerabilities and Exposures) standard for information security vulnerability names is used in order to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to their information sources, as well as to the patches or solutions made available by manufacturers and developers. Advanced searches are possible: different criteria can be selected to narrow down the results, such as vulnerability type, manufacturer and impact level, among others.

Through RSS feeds or newsletters you can be informed daily about the latest vulnerabilities added to the repository. Below is a list, updated daily, of the most recently added vulnerabilities.

CVE-2024-13187

Publication date:
08/01/2025
A vulnerability was found in Kingsoft WPS Office 6.14.0 on macOS. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component TCC Handler. The manipulation leads to code injection. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity CVSS v4.0: MEDIUM
Last modification:
08/01/2025

CVE-2024-55459

Publication date:
08/01/2025
An issue in keras 3.7.0 allows attackers to write arbitrary files to the user's machine via downloading a crafted tar file through the get_file function.
Severity CVSS v4.0: Pending analysis
Last modification:
09/01/2025

CVE-2024-56770

Publication date:
08/01/2025
In the Linux kernel, the following vulnerability has been resolved:

net/sched: netem: account for backlog updates from child qdisc

In general, 'qlen' of any classful qdisc should keep track of the number of packets that the qdisc itself and all of its children holds. In case of netem, 'qlen' only accounts for the packets in its internal tfifo. When netem is used with a child qdisc, the child qdisc can use 'qdisc_tree_reduce_backlog' to inform its parent, netem, about created or dropped SKBs. This function updates 'qlen' and the backlog statistics of netem, but netem does not account for changes made by a child qdisc. 'qlen' then indicates the wrong number of packets in the tfifo. If a child qdisc creates new SKBs during enqueue and informs its parent about this, netem's 'qlen' value is increased. When netem dequeues the newly created SKBs from the child, the 'qlen' in netem is not updated. If 'qlen' reaches the configured sch->limit, the enqueue function stops working, even though the tfifo is not full.

Reproduce the bug:
Ensure that the sender machine has GSO enabled. Configure netem as root qdisc and tbf as its child on the outgoing interface of the machine as follows:
$ tc qdisc add dev root handle 1: netem delay 100ms limit 100
$ tc qdisc add dev parent 1:0 tbf rate 50Mbit burst 1542 latency 50ms

Send bulk TCP traffic out via this interface, e.g., by running an iPerf3 client on the machine. Check the qdisc statistics:
$ tc -s qdisc show dev

Statistics after 10s of iPerf3 TCP test before the fix (note that netem's backlog > limit, netem stopped accepting packets):
qdisc netem 1: root refcnt 2 limit 1000 delay 100ms
Sent 2767766 bytes 1848 pkt (dropped 652, overlimits 0 requeues 0)
backlog 4294528236b 1155p requeues 0
qdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms
Sent 2767766 bytes 1848 pkt (dropped 327, overlimits 7601 requeues 0)
backlog 0b 0p requeues 0

Statistics after the fix:
qdisc netem 1: root refcnt 2 limit 1000 delay 100ms
Sent 37766372 bytes 24974 pkt (dropped 9, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
qdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms
Sent 37766372 bytes 24974 pkt (dropped 327, overlimits 96017 requeues 0)
backlog 0b 0p requeues 0

tbf segments the GSO SKBs (tbf_segment) and updates the netem's 'qlen'. The interface fully stops transferring packets and "locks". In this case, the child qdisc and tfifo are empty, but 'qlen' indicates the tfifo is at its limit and no more packets are accepted.

This patch adds a counter for the entries in the tfifo. Netem's 'qlen' is only decreased when a packet is returned by its dequeue function, and not during enqueuing into the child qdisc. External updates to 'qlen' are thus accounted for and only the behavior of the backlog statistics changes. As in other qdiscs, 'qlen' then keeps track of how many packets are held in netem and all of its children. As before, sch->limit remains as the maximum number of packets in the tfifo. The same applies to netem's backlog statistics.
Severity CVSS v4.0: Pending analysis
Last modification:
10/01/2025

CVE-2025-22130

Publication date:
08/01/2025
Soft Serve is a self-hostable Git server for the command line. Prior to 0.8.2, a path traversal attack allows existing non-admin users to access and take over other users' repositories. A malicious user can then modify, delete, and arbitrarily repositories as if they were an admin user, without having been explicitly given permissions. This is patched in v0.8.2.
Severity CVSS v4.0: MEDIUM
Last modification:
08/01/2025

CVE-2025-22136

Publication date:
08/01/2025
Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.217, Tabby enables several high-risk Electron Fuses, including RunAsNode, EnableNodeCliInspectArguments, and EnableNodeOptionsEnvironmentVariable. These fuses create potential code injection vectors even though the application is signed with hardened runtime and lacks dangerous entitlements such as com.apple.security.cs.disable-library-validation and com.apple.security.cs.allow-dyld-environment-variables. This vulnerability is fixed in 1.0.217.
Severity CVSS v4.0: HIGH
Last modification:
08/01/2025

CVE-2025-22137

Publication date:
08/01/2025
Pingvin Share is a self-hosted file sharing platform and an alternative for WeTransfer. This vulnerability allows an authenticated or unauthenticated (if anonymous shares are allowed) user to overwrite arbitrary files on the server, including sensitive system files, via HTTP POST requests. The issue has been patched in version 1.4.0.
Severity CVSS v4.0: Pending analysis
Last modification:
08/01/2025

CVE-2025-20126

Publication date:
08/01/2025
A vulnerability in certification validation routines of Cisco ThousandEyes Endpoint Agent for macOS and RoomOS could allow an unauthenticated, remote attacker to intercept or manipulate metrics information.

This vulnerability exists because the affected software does not properly validate certificates for hosted metrics services. An on-path attacker could exploit this vulnerability by intercepting network traffic using a crafted certificate. A successful exploit could allow the attacker to masquerade as a trusted host and monitor or change communications between the remote metrics service and the vulnerable client.
Severity CVSS v4.0: Pending analysis
Last modification:
22/07/2025

CVE-2025-20123

Publication date:
08/01/2025
Multiple vulnerabilities in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against users of the interface of an affected system.

These vulnerabilities exist because the web-based management interface does not properly validate user-supplied input. An attacker could exploit these vulnerabilities by inserting malicious data into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid administrative credentials.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
Severity CVSS v4.0: Pending analysis
Last modification:
23/07/2025

CVE-2024-55517

Publication date:
08/01/2025
An issue was discovered in the Intellect Core Search in Polaris FT Intellect Core Banking 9.5. Input passed through the groupType parameter in /SCGController is mishandled before being used in SQL queries, allowing SQL injection in an authenticated session.
Severity CVSS v4.0: Pending analysis
Last modification:
08/01/2025

CVE-2024-55656

Publication date:
08/01/2025
RedisBloom adds a set of probabilistic data structures to Redis. There is an integer overflow vulnerability in RedisBloom, which is a module used in Redis. The integer overflow allows an attacker (a Redis client that knows the password) to allocate less heap memory than required due to wraparound. Reads and writes can then be performed beyond this allocated memory, leading to an information leak and an out-of-bounds write. The integer overflow is in the CMS.INITBYDIM command, which initialises a Count-Min Sketch to dimensions specified by the user. It accepts two values (width and depth) and uses them to allocate memory in NewCMSketch(). This vulnerability is fixed in 2.2.19, 2.4.12, 2.6.14, and 2.8.2.
Severity CVSS v4.0: Pending analysis
Last modification:
08/01/2025

CVE-2024-51737

Publication date:
08/01/2025
RediSearch is a Redis module that provides querying, secondary indexing, and full-text search for Redis. An authenticated Redis user executing FT.SEARCH or FT.AGGREGATE with a specially crafted LIMIT command argument, or FT.SEARCH with a specially crafted KNN command argument, can trigger an integer overflow, leading to a heap overflow and potential remote code execution. This vulnerability is fixed in 2.6.24, 2.8.21, and 2.10.10. Avoid setting a value of -1 or large values for the configuration parameters MAXSEARCHRESULTS and MAXAGGREGATERESULTS, so that large LIMIT arguments cannot be exploited.
Severity CVSS v4.0: Pending analysis
Last modification:
08/01/2025

CVE-2024-51480

Publication date:
08/01/2025
RedisTimeSeries is a time-series database (TSDB) module for Redis, by Redis. Executing one of the commands TS.QUERYINDEX, TS.MGET, TS.MRANGE or TS.MREVRANGE as an authenticated user, using specially crafted command arguments, may cause an integer overflow and a subsequent heap overflow, and may potentially lead to remote code execution. This vulnerability is fixed in 1.6.20, 1.8.15, 1.10.15, and 1.12.3.
Severity CVSS v4.0: Pending analysis
Last modification:
08/01/2025